VMware vCloud Director – NSX Install and Configure – Part 4

VMware vCloud Director NSX Install and Configure

Part 4 of the VMware vCloud Director series looks at the installation and configuration of VMware NSX. VMware NSX will be providing Layer 2 and Layer 3 network functionality to vCloud Director.

Installing VMware NSX for vCloud Director

1. VMware NSX Manager is provided as a virtual appliance. First up we’ll look at the installation of this virtual appliance. In this demo we’ll be installing the virtual appliance via the vSphere client. Launch the vSphere client and click on the file menu – Deploy OVF Template. Once the wizard launches, select the VMware NSX manager OVA file and click Next.

2. Some information is displayed about the VMware NSX OVA image, click Next.

3. Click Accept on the End User License Agreement followed by clicking Next.

4. Type a name for the VMware NSX manager and select a folder to place the virtual machine. Click Next.

5. Select a Resource Pool or vApp to place the VMware NSX manager. Click Next.

9. Enter in passwords for the CLI admin user and for CLI privilege mode. Enter in the FQDN for the hostname (I also setup a forward and reverse DNS entry in my Windows Active Directory DNS Server). Enter an IP address that you wish to assign to the VMware NSX Manager.

12. You are now presented with a summary screen with all the settings that you’ve previously chose. If you wish to make any changes click on the Back button, otherwise click Finish to begin the deployment.

Configuring VMware NSX for vCloud Director

1. Open a browser and browse to the DNS or IP address of your VMware NSX manager. Enter your username and password and login.

6. As we can see in the screen shot below, we are using a self-signed SSL certificate generated at the time of installation. You can use this screen to Generate a CSR, submit the request to a trusted Certificate Authority and obtain a signed digital certificate. You can use the Upload PKCS#12 Keystore button to upload the certificate. Click Backups and Restore

7. Within this window we can schedule a one-time or recurring backup of the VMware NSX manager configuration.

8. Click on Change next to FTP Server Setting. As we can see in the screen shot below we can either utilize FTP or SFTP for our configuration backups

9. Under Components – Click on NSX Management Service. Here we will be entering our information for our vCenter Lookup Service and vCenter Server settings.

10. Click Edit next to Lookup Service. Enter in your Lookup service IP or DNS name and a username and password with administrator rights to your SSO. In a production environment create a new admin account other than administrator and use that account here.

11. Click Yes to proceed with Trusting the Certificate

12. The lookup service has now been connected. Next we will setup our vCenter Server connection.

13. Click Edit next to vCenter Server. Enter in your vCenter Server IP or DNS name and a user with administrator access to your vCenter Server. In a production environment create a new admin account other than administrator and use that account here. Click Ok.

14. Click Yes to proceed with Trusting the Certificate

15. The vCenter Server is now successfully connected to the VMware NSX Manager.

16. Log back into the vSphere web interface if you’re not already. Clicking on the home tab you will notice the new Networking & Security icon under the Inventories row.

17. Click on Networking & Security and it will bring you to the VMware NSX configuration settings.

18. Click on Installation and you will see the NSX Manager that we setup previously with IP address 192.168.1.169

19. Click on the green + under NSX Controller Nodes. From here we will be deploying 3 controllers as this is the recommended minimum for NSX. Within the Add Controller Window we will want to make sure our NSX Manager is selected, select the Datacenter, Cluster or Resource Pool, Datastore, Host and Folder locations. This will be the location where you will be installing your first NSX controller. I have selected NSX as a resource pool and all my controllers will be sitting in my management cluster, not within the vcloud cluster. Next I will select the management network for the controllers. Next we need to setup an IP Pool which will allocate IP addresses to our controllers.

20. Click Select, Next to IP Pool. You are presented with the Select IP Pool window.

21. Click New IP Pool. Type in a Name to reference the IP Pool. Enter in the gateway IP address for the management network along with the prefix length (24 for 255.255.255.0). I am going to specify my Windows Active Directory DNS server as Primary DNS and for the DNS suffix my Active Directory Domain vmlab.local

Within Static IP Pool, I will enter the range of IP addresses that I will allocate to my 3 NSX controllers. As you can see in the screen shot below I will allocate 192.168.1.177, 192.168.1.178 and 192.168.179. Click Ok once you have finished

22. You will now return back to the Select IP Pool screen where you can see that the newly created IP Pool is listed. Clicking on the IP Pool displays the settings off to the left. Click Ok when finished

23. Lastly we will enter in a password which will be assigned to the CLI of each NSX controller. When you are happy with all the settings click Ok.

24. The first NSX controller begins deployment as you can see under NSX Controller nodes.

25. We will move on and install NSX Controller 2. Click the green + under NSX Controller Nodes. I only have 1 VMware ESXi host in my management cluster so I will keep my settings the same, however if you have more than 1 host in your cluster make sure you spread the controllers amongst hosts, datastores and resource pools. Click on Select next to IP Pool and select the previously created IP Pool, this will assign the next available IP address in the pool to this controller. Click Ok to deploy the second controller.

26. This warning appears due to my lab only having 1 host in my management cluster. However it’s a good reminder in case you forget. Click Yes to continue

27. We now have the second NSX controller deployed.

28. Repeat steps 25 and 26 to deploy the third and last controller.

29. Our next step is to push out NSX to the all hosts in the cluster. Click on Installation on the left hand side, then on the right hand side under Clusters & Hosts, select your vCloud Cluster and under Installation Status click your mouse on the right hand side of Not Installed. A little purple cog will appear and you can drop down a menu and select Install.

30. A confirmation window appears. Click Yes.

31. The NSX Agent has been deployed to all my vCloud Cluster ESXi hosts. The agent version is displayed along with Enabled under the Firewall column.

32. We will now configure our VMware ESXi hosts for VXLAN. Click to the left of Not Configured, under the VXLAN colume and select Configure VXLAN

33. Select the distributed switch belonging to the vCloud Director cluster, type in the vlan you wish to use exclusively for VXLAN traffic, make the MTU 1600 (ensure your physical switches can support jumbo frames, i.e. larger than 1500 MTU. Check with your switch manufacture on how to configure jumbo frames). For the VMKernel Nic’s that will be allocated to each VMware ESXi host, we will be assigning Static IP’s via an IP Pool. Select Use IP Pool and select New IP Pool.

34. As you can see in the screen shot below I have given my IP Pool the name VXLAN NIC Pool with a gateway of 192.168.100.1, prefix length of 24 and Static IP Pool of 192.168.100.175 – 192.168.100.176. I have only allocated 2 IPs for this pool as I will only have a maximum of 2 VMware ESXi hosts in this vCloud Director cluster.

35. Make sure your newly created VXLAN NIC Pool is selected, for the VMKNic Teaming Policy, ensure that the teaming policy that is in use in your network is selected. Click Ok.

36. We can now see that for our vCloud Director cluster, VXLAN is configured with the green tick.

37. If we now browse to networking for our vCloudDSSwitch, we can see the VXLAN (vlan 1000) port group created

38. Clicking on Hosts and Clusters and selecting the VMware ESXi host vcloud6esxi.vmlab.local – Manage – Networking – VMKernel adapter, we can see the VXLAN vmk3 adapter which has an IP address from the IP Pool of 192.168.100.175

39. Browse back Home – Networking & Security – Installation – Logical Network Preparation – Segment ID, and select Edit. Type in a range between 5000 and 16777215, this will be the amount of VXLAN networks you can create for vCloud Director. For my lab I’ve entered in 5000-7000. Click Ok

40. The Segment ID Pool is now set. In part 5 we will look at configuring VM Storage Policies in order to classify our tiered Storage.

If you have any technical questions about this tutorial or any other tutorials on this site, please open a new thread in the forums and the community will be able to help you out.

Disclaimer:All the tutorials included on this site are performed in a lab environment to simulate a real world production scenario. As everything is done to provide the most accurate steps to date, we take no responsibility if you implement any of these steps in a production environment.